> I don't think so, > data stored as plain text is almost stored intact in the file system. > > Using stupid windows for example, > you can easily open mysql file "table.MYD" in the folder database with > NotePad, and you can read everything. Which means, everybody without any > hacking knowledge can access to user's password and mailbox stored in your > site, since he had access to the system folder. And if you have rented > server it is recommanded to crypt strategic data.
Okay, so why are you giving users read access to the mysql data folder? They can also open up your .php file and find your "secret code." It won't hurt anything to encode it in the database, but just don't get this overwhelming sense of security and think everything is safe. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
